Forum Discussion
Load Balancing Outbound traffic between ISP Links with Big-IP LTM. HOW ?
Hello Everyone,
Sorry for the late Feedback
I've tried to use the IP Forwarding Virtual Server, but this Type of VS doesn't take Pools in the configuration so i had to configure a default route where my gateway is the pool of routers, also the Forwarding IP VS doesn't allow you to associate LTM traffic policies but only iRules.
One more thing, In this type of configuration all traffic going through Bigip gets SNATed. which is not what we want in our case of deployment since some servers on the inside need to be seen with there public ip NATed at the Firewall level. I tried to use a Layer 2 Forwarding VS and put ports 1:0 and 2:0 in the same VLAN Group. but then traffic just totaly bypasses the Bigip and i have no control over which ISP link it'll go through.
I'll try to explain want we want to do below.
We wanf to forward traffic if we choose to go through ISP-1 or ISP-2 (No source address change).
and if we want it to go throught the FTTH link then it get SNATed.
Is there a way to implement this in the network diagram above with a Bigip LTM ?
I apologize if i'm not clear with the explenation. i'm here to provide any more derails.
Thank you all.
you could you a performance layer 4 virtual server if you want to use a pool. it will also enable local traffic policies. with IP forwarding you indeed need routes and just iRules.
the SNAT behaviour depends on the "Source Address Translation" setting. if this happens for traffic going in you might want to only enable it on the outgoing VLAN interface.
to enable it for some, but not on others you will need an iRule or perhaps LTP, something to try out.
- f5-nubeMar 24, 2021Altostratus
I tried the performance layer 4 virtual server with a pool that containes my routers to ISPs , however when i try to access the internet with the F5 as my gateway, i get redirected to the router's login page. as if the router is treated like a web server .
- PeteWhiteMar 24, 2021EmployeeSet translate address and translate port to disabled on the virtual server
- boneyardJul 25, 2021MVP
did that work out for you f5-nube?
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com